56% of IT Leaders Cite Skills Gap as Primary Cause of Cybersecurity Breaches
The cybersecurity landscape is facing a critical challenge, as highlighted in the recently released 2026 Global Cybersecurity Skills Gap Report by Fortinet. This report underscores the persistent and emerging difficulties that organizations encounter due to ongoing skill shortages in cybersecurity and the rapidly evolving threat environment.
Key Findings of the Report
The survey reveals several alarming insights regarding the state of cybersecurity skills:
- The lack of cybersecurity expertise, exacerbated by insufficient investments in talent, continues to be a leading cause of significant security breaches.
- While cyber defenders are increasingly utilizing AI-driven tools, there is a pressing need for upskilling and reskilling to maximize the benefits of these advanced technologies.
- Despite investment gaps, organizations are making concerted efforts to attract and retain top-tier cybersecurity professionals.
Carl Windsor, Chief Information Security Officer at Fortinet, emphasized the strategic nature of cybersecurity, stating, “Cybersecurity is not simply a technical issue but a strategic business risk. This year’s survey suggests that while boards generally recognize the importance of cybersecurity, more investment is needed to address key issues, such as emerging AI risks and the ongoing cybersecurity skills shortage. Addressing these issues is critical to business resilience in an increasingly complex threat landscape.”
The High Stakes of Cybersecurity
The report highlights the dire consequences of insufficient cybersecurity skills:
- A staggering 86% of organizations reported experiencing one or more breaches in the past year. Of these, 52% indicated that breaches cost them over $1 million, a significant increase from 38% in 2021. North America bears the brunt of these costs, with the average breach costing around $2 million.
- For the third consecutive year, IT leaders identified the lack of cybersecurity skills as a primary factor in security breaches, with 56% citing it as a concern. Furthermore, 51% expressed a need for senior-level cybersecurity skills, yet 49% struggle to obtain approval for additional cybersecurity personnel. This is particularly concerning given that 50% of respondents noted that executives and board members have faced penalties following a cyberattack.
Emerging Risks from AI Deployment
The integration of AI into organizational processes has introduced new cybersecurity challenges that many boards do not fully comprehend:
- The report indicates that the use of AI by employees poses risks that are not entirely understood. Only 50% of leaders believe their board members are “fully aware” of the potential risks associated with AI usage.
- As AI adoption continues to rise, 63% of respondents anticipate an increased demand for AI oversight and governance roles within cybersecurity teams over the next three years.
Investment in Cybersecurity Certifications
Despite the challenges, there is a positive trend in investment in cybersecurity certifications:
- A notable 92% of respondents expressed a willingness to fund employee certifications, a significant increase from 73% in the previous year’s report.
- To cultivate talent from underrepresented groups, 92% of organizations are utilizing internships, apprenticeships, partnerships, and programs, while 71% have established formal hiring targets for underutilized talent pools.
Opportunities and Challenges of AI in Cybersecurity
The adoption of AI-powered cybersecurity tools is becoming increasingly prevalent as organizations recognize their potential to enhance operations:
- The survey found that 91% of respondents are either using or experimenting with AI-powered cybersecurity solutions. Skepticism regarding AI in cybersecurity has decreased, with 38% expressing uncertainty, down from 43% in the previous year.
- A significant 84% of respondents indicated that AI-enhanced security tools are making IT and security teams more effective and efficient. This is crucial, as both cyber defenders and cybercriminals now have access to similar technologies; 44% of respondents identified defending against AI-driven cyberattacks as a top concern.
Addressing the Skills Gap
The widening skills gap in cybersecurity is a pressing issue, yet organizations are actively seeking solutions:
- Sixty percent of respondents cited finding cybersecurity talent with specific AI experience as their top recruiting challenge. Currently, 92% are likely to invest in AI-related cybersecurity training or certifications within the next year.
- Organizations are also implementing reskilling programs to equip staff with new skill sets necessary for AI adoption. This includes roles in AI model development (55%), AI tool oversight (54%), and security automation (52%). Additionally, 59% of organizations are developing internal training programs, while 52% are procuring training from industry vendors.
The Path Forward for Business Resilience
Investment at the board and executive levels in a comprehensive approach to cybersecurity is essential. This approach should integrate people, processes, and technology. Organizations are encouraged to tap into underutilized talent pools and invest in training and upskilling to build and retain necessary expertise. A coordinated strategy should focus on three key pillars: raising awareness and education, expanding access to targeted training and certification, and deploying advanced security technologies.
To assist organizations in addressing the challenges posed by the cybersecurity skills gap, the Fortinet Training Institute offers one of the largest and most comprehensive training programs in the industry. This initiative aims to make cybersecurity training and career opportunities accessible to all, including a Security Awareness Training service designed to cultivate a cyber-aware workforce.
Fortinet is committed to training one million individuals in cybersecurity globally this year, a pledge that began in 2022.
Source: securitymea.com
Keep reading for the latest cybersecurity developments, threat intelligence and breaking updates from across the Middle East.
